Scribd Logo
Upload

Welcome to Scribd!

  • 47 views

    DLP Integration - Workshop Outcomes v1.0

    Uploaded by

    satish.sathya.a2012
    The document outlines the scope of an adaptive payment platform implementation project. It describes the in-scope and out-of-scope services including online payments, payment methods, functions like refunds and acknowledgements, and back office operations like reconciliation. It also lists assumptions around integration with travel booking systems and external payment processors. Pending decisions are noted around API-based refund processes and certification requirements.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd

    DLP Integration - Workshop Outcomes v1.0

    Uploaded by

    satish.sathya.a2012
    47 views20 pages
    The document outlines the scope of an adaptive payment platform implementation project. It describes the in-scope and out-of-scope services including online payments, payment methods, functions like refunds and acknowledgements, and back office operations like reconciliation. It also lists assumptions around integration with travel booking systems and external payment processors. Pending decisions are noted around API-based refund processes and certification requirements.

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    The document outlines the scope of an adaptive payment platform implementation project. It describes the in-scope and out-of-scope services including online payments, payment methods, functions like refunds and acknowledgements, and back office operations like reconciliation. It also lists assumptions around integration with travel booking systems and external payment processors. Pending decisions are noted around API-based refund processes and certification requirements.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    47 views20 pages

    DLP Integration - Workshop Outcomes v1.0

    Uploaded by

    satish.sathya.a2012
    The document outlines the scope of an adaptive payment platform implementation project. It describes the in-scope and out-of-scope services including online payments, payment methods, functions like refunds and acknowledgements, and back office operations like reconciliation. It also lists assumptions around integration with travel booking systems and external payment processors. Pending decisions are noted around API-based refund processes and certification requirements.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 20

    ADAPTIVE PAYMENT PLATFORM

    ARP DLP Implementation

    Onsite Payment Workshop Outcomes


    - Sep, 30 2016

    1
    Scope Definition
    APP Service Offerings IN-SCOPE
    • Online Payments
    • Setup DLP Package booking client configuration data (DDS1, Pluto, SBC, TravelBox) in APP
    Payment Methods • Integration with ON2 Payment Service (WSP) to process credit card payments from APP UI, SBC, Pluto and DDS1
    WEB PAYMENTS

    Credit Cards Digital Wallet 3D Secure


    via OnPaie
    • Tokenize card data using MORIA tokenization service

    • Fraud Scoring for Guest credit card with ON2

    • Integration with 3DS Rule Engine (IP3) to perform 3D secure eligibility check for all cards
    TRAVELBOX AND SBC Functions
    Payment UI Refunds Acknowledgement • Relay booking system (Pluto, DDS1, TBX) payment acknowledgement to ON2 for bank clearing

    • Process payment Auth void request from TravelBox, EAI/New Posting API

    • Generate payment confirmation reference no. for payment transactions and return to integrated systems

    • Persist payment transaction details and audit trail data in APP


    ACCOUNTING APP BackOffice
    • Support European card bin ranges for payments
    Manual Auth Code entry Manual Refunds Transaction Inquiry
    • Support transactions in selected European currency from the front end system

    • Integration with Credit Mutuel merchant services for validating 3D Secure enrollment and obtain challenge page

    ADMINISTRATION Reconciliation & redirection URL


    Accounting
    • Payment authorization using 3DS token (CAVV) directly with Credit Mutuel, post 3D Secure challenge validation by
    Bin Range Updates Reconciliation Interfaces Transaction Report
    bank
    • Sync payment authorization details for authorization directly done through CMUT 3DS rail, with ON2
    ASSUMPTIONS
    • Process Credit Card and Adyen refunds from TravelBox
    • Future payment authorization does not require CVV storage since authorization without CVV are
    supported by Credit Mutuel provided a confirmation reference from a prior authorization is sent along • Integrate with MasterCard wallet to translate MasterPass token to the funding PAN for authorization

    with authorization request • Create authorization session with MasterPass wallet for token retrieval
    • SBC will integrate with APPs validate card API to setup card for future payments when card is different • Future Payments
    from deposit payment card • Deposit and Future Payment card on the APP UI in single payment session
    • Multi Card payments are not supported from DDS1 and Pluto • Integrate with TravelBox future payment batch to process token based payments on due date
    • Recurring payment support for Annual monthly pass will be processed by external partner • Enrich authorization request with payment reference from a previous transaction for the card
    • DLP Accounting team will utilize APP Payment Administration Portal for completing Manual Auth (To • Process token based payments from SBC
    Control) transactions and manually update payment status in TravelBox
    • Back Office Operations
    • Sync up of Adyen payment in pending status will be performed manually in TravelBox
    • Daily batch to export payment transaction data to CC DB via ON2 integration layer
    • Cast member access control to Admin Payment Portal is managed through My ID and Keystone
    • Daily batch to import third party payment (Adyen), clearing status and payment data from ON2 integration layer
    • Adyen currently accepts refund transactions in a file. APP will integrate with Adyen API for refunds if
    • Daily batch to generate reconciliation report (payments acknowledged but not settled) for credit card and Adyen
    available
    payments and send to SAP
    • APP UI will support deposit payment and future payment card in a single payment session
    • Monthly batch process to update European card bin range up to card product level, in APP database
    • APP will perform card verification with processor for future payment cards when different from deposit
    payment card • Manual Authorization
    • 3D Secure eligibility will not be performed for SBC and TravelBox as they are not Guest facing apps • Provide ability to search and update transactions in “pending manual auth” status on Admin Payment Portal

    • Exiting EAI and TravelBox integrations with APP will be enhanced to support DLP project • Post manual auth Notification to TraveleBox to reflect the updated payment status
    Scope Definition
    OUT of SCOPE Pending Decisions

    • Card Tokenization using APP Token Vault • Confirmation on API based refund process from Adyen as an alternative to file based process
    • Fraud validation using Accertify • Certification requirements
    • Setting up of multiple future payment cards for a booking
    • Sending direct Adyen payment notification to Web sales channels (SBC, DDS1, PLUTO)
    • ByPass payments methods (Cheque, cash ) will not be handled through APP
    • Storage of CVV in APP database in any scenario
    • Removal of OnPaei and SBC application out of PCI scope
    • Retrieval and usage of Guest card on file for future payment
    • Language support on Payment UI for languages other than English
    • Deploying the APP payment UI in Non-Disney data center
    • Deploying APP core service layer and components in DLP datacenter
    • Performing any kind of currency conversion (currency conversion is done by the processing bank)
    • Automatic refund for card payments for TBX and external PSP payments
    • Canned Report generation from APP payment database
    • Payment methods other than credit/debit cards are not in scope. For e.g. gift cards, rewards
    redemption card, wire transfer, electronic checks
    • Direct PIN debit transactions
    • Processing bank payment clearance file and end-to-end reconciliation including revenue recognition
    • Periodic processor validation of card defined for future payments
    • Settlement trigger file processing form TravelBox. ON2 will perform auto-settlement for all booking
    channels
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    Fraud Agent (On2) Issuer’s 3DS Page


    ONPaie Payment UI
    Check Fraud
    Redirection to Issuer 3DS Page BANK 3DS Page

    Pluto/DDS1
    Redirection to masterpass login Page
    Redirection

    Authorize Authorize
    MasterPass login
    Internet Guest User
    Tokenize/ Detokenize Page
    OnPaie BackEnd Token Vault (Moria)
    Service
    Redirection to Adyen Payment Page

    Post Payment
    New
    Integration API

    Check 3DS Eligibility


    TBX DB EDS Eligibility

    Post Payment
    Service (IP3) Mastercard
    APP Core
    Backend Service
    Translate MasterPass Token

    Authorize
    refund Authorize
    TBX UI Acknowledge Payment refund On2 Webservice
    On2 Gateway
    Establish Session Acknowledge Payment (WSP)
    Establish Session
    Retrieve Session RetrieveSession Notify 3DS Authorization
    BANK/ISSUER

    Back Office Agents


    TBX backend
    APP retry Notification
    Redirection Batch

    Post Payment
    Authorize Check 3DS enrollment
    Retrieve Session Authorize (With 3DS CAVV)

    3DS provider
    APP Payment UI (Credit Mutual)

    DLP EAI
    Authorize
    refund

    CCDB
    Authorize
    refund Inquiry DB
    Payment DB

    Authorize
    refund
    APP Transaction Exporter
    Batch Daily Transaction Upload ON2 Integration
    Layer
    Call center Agents SBC UI SBC Backend APP Third Party
    Manual Authorization
    Transaction Event
    Manual Refund
    Importer Clearing and Payment (Settlement)
    Add Manual Authorization Details File Download
    refund to different Card Search Transactions
    Search transaction
    APP Card BIN Importer
    BIN Range Update File Download
    APP Admin Portal APP Admin Service

    High Level Conceptual


    Appendices - System flows by Use Case
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    TBX DB
    (DLP Installation)

    PLUTO calls TravelBox DLP NEW POSTING API


    1 through New API layer to create 2 Create Reservation
    TBX
    the reservation (DLP Installation)

    23 Post Authorization 24 Post Authorization

    25 Acknowledge payment

    REST/ JSON/TLS 1.2


    • Sanitized Request to APP
    25a 10 Fraud Check
    • Sanitized Request to Moria
    • Sanitized Request to Fraud
    Auth void Fraud Check turns Green or yellow for the given card
    Agent
    (if posting fails)
    • Sanitized Request to ON2
    • Sanitized Response from APP SOAP/ HTTPS/TLS 1.2
    FRAUD AGENT

    Audit Message
    Queue
    12 Tokenize card

    SOAP/ HTTPS/TLS 1.2

    Audit Messages
    TOKEN VAULT
    (MORIA)
    Check 3DS eligibility

    Audit DB
    14

    ONPaie Payment UI 3DS eligibility comes negative Processor


    On Pluto Page guest selects
    SOAP/ HTTPS/TLS 1.2 ON2
    booking options 3DS rule Engine
    5
    ONPaie Backend (IP3)
    1
    7 Authorize Service Authorize
    Redirects Authorize 16 Authorize Card 17 18 Authorize Card
    8
    Card
    4 22
    Authorization Authorization Response 26 Acknowledge payment
    21 20
    After selecting booking Redirects back Response
    Internet Public options guest tries to pay REST/ JSON/TLS 1.2 SOAP/ HTTPS/TLS 1.2
    Users for the reservation DDS1/ PLUTO UI ON2 Service
    Generate OAuth
    Token Request Event Insert 9 27
    APP CORE Insert Acknowledgement in
    6 CCDB
    Fraud Result Insert 11
    Guest insures credit card number and initiates payment
    Card token and transaction insert 13

    3DS eligibility insert 15

    Insert authorization Details 19

    CC DB
    Insert Acknowledgement 28

    ONLINE GUEST CARD PAYMENT THROUGH APP DB Active Sync


    Inquiry DB
    PLUTO UI
    (GREEN FLOW)
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    TBX DB
    (DLP Installation)

    22 User answers 3DS challenges

    21 Redirection to bank’s 3DS Page (Only if On2 Score is Yellow)


    24 3DS Token (CAVV) is redirected to Onpaie Page BANK 3DS Page

    2 Create Reservation NEW API 3 Create Reservation

    TBX
    Post Payment
    35
    36 (DLP Installation)
    Post Payment

    • Sanitized Request to REST/ JSON/TLS 1.2


    APP
    • Sanitized Request to Auth void
    28 Acknowledge 23

    Moria (if posting fails)


    37a
    Payment Validate Password/ Challenge
    • Sanitized Request to
    Fraud Agent
    • Sanitized Request to
    10 Fraud Check
    ON2

    Audit Message
    • Sanitized Response
    from APP Fraud Check turns Green or yellow for the given card

    Queue
    SOAP/ HTTPS/TLS 1.2 FRAUD AGENT

    Audit Messages
    12 Tokenize Card

    Audit DB
    SOAP/ HTTPS/TLS 1.2
    Generate OAuth ONPaie Backend TOKEN VAULT
    Token Service (MORIA)
    On Pluto Page guest selects 5
    booking options
    Redirects 7 Authorize 8 Authorize 14 3D Secure Eligibility Check
    1
    19 3DSRedirection URL
    20 3DS URL 3DS eligibility comes as positive
    34
    4 2nd Authorization 26 2nd Authorization (With CAVV & Token)
    SOAP/ HTTPS/TLS 1.2
    (With CAVV and 3DS rule Engine
    After selecting booking Redirects Auth Response Credit Mutual
    25
    token) 32
    (IP3)
    Internet Public options guest tries to pay Back (processor)
    for the reservation Request Event Insert 9
    APP CORE
    Users Auth Response
    33
    REST/ JSON/TLS 1.2 SOAP/ HTTPS/TLS 1.2
    DDS1/ PLUTO UI ONPaie Payment UI Fraud Result Insert 11
    16 Call Credit Mutual For 3DS enrollment Validation (PARequest)
    6 Token Insert 13
    17

    Guest insures credit card number and initiates payment 3DS Redirection URL
    3DS eligibility Result 15

    insert SOAP/ HTTPS/TLS 1.2


    18
    28
    Authorize (With CAVV)
    3DS event Insert
    29 Auth response ON2 Service ON2
    Request Event Insert 27

    31
    Async Notification to
    Auth response Insert 30
    ON2
    Insert Acknowledgement 39
    40 Acknowledgement
    41

    ADYEN UI SOAP/ HTTPS/TLS 1.2


    Save Acknowledgement
    Active Sync
    ONLINE GUEST CARD PAYMENT THROUGH Inquiry DB
    CC DB
    PLUTO UI APP DB

    (3DS)
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    New API TBX


    (DLP Installation)
    2 Create Reservation 3 Create Reservation

    15

    14 Post External pending Post Pending


    Payment Payment
    APP Payment DB 16 Acknowledge Pending
    Payment 23

    22 Send all the records that were settled by Adyen but not acknowledgement
    Fetches all records which are settled
    but not acknowledged
    SFTP
    APP
    Insert external Payment as Reconciliation

    REST/ JSON/TLS 1.2


    pending payment
    12 Batch

    Insert Payment 17

    acknowledgement TBX DB
    (DLP Installation)
    Update external payments 22
    ON2 Settlement ON2 Integration
    as completed
    Data Exporter Layer
    10 11

    Register Payment Register Third Party Payment notification 18

    REST/ JSON/TLS2.0 Call App with payment Settlement notification File Adyen sends Payment F
    notification from On2 to APP 19 ON2 inserts in CC DB to ON2 integration laye
    21 APP Third Party 20 after settlement
    ONPaie Backend
    Settlement Data SFTP
    Importer

    APP Core
    On Pluto Page guest selects
    booking options 5

    1
    Redirects 7 OnPaie Page redirects to Adyen FTTP Redirection CC DB

    4 13 9
    Adyen Page redirects to Onpaie Page after successful payment

    After selecting booking Redirects


    options guest tries to pay DDS1/ PLUTO UI Back
    for the reservation
    ONPaie Payment UI
    6

    Guest selects alternative payment methods line Paypal, Bank


    Transfer etc.

    8
    Guest makes payment through Adyen by selecting BANK
    Details/Paypal account ETc.

    ONLINE GUEST ALTERNATIVE PAYMENT


    THROUGH ADYEN
    (EXTERNAL PAYMENTS)
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    2 Create Reservation 3 Create Reservation


    34 Post Payment
    Post Payment 35

    APP Payment DB

    22
    Check Fraud
    Fraud Check turns Green or yellow for the given card
    FRAUD AGENT

    Insert the Session Request Event 9

    Insert the Session Token


    24 Tokenize Card
    11
    obtained from mastercard
    Request Event Insert 19 TOKEN VAULT
    (MORIA)
    Translation Event Insert 21

    Fraud Result Insert 23 26 3DS eligibility Check


    Token Insert 25 BANK
    Fraud Check turns negative for the given card
    3DS rule Engine

    Acknowledge
    3DS eligibility Result 27

    Payment
    (IP3) ON2
    insert
    31
    Auth response Insert 28 Authorize 29 30

    Insert Acknowledgement 37 36 38 Acknowledge 39 Acknowledge

    40 Persist Payment
    ON2 Service Acknowledgement

    On Pluto Page guest selects Get MasterPass EstablishSession(Mode: External, Provider:


    booking options 5 7
    Session
    8
    masterpass)
    Redirects
    1 12 Session Token
    13
    Session Token
    Authorize
    4 33 17
    Authorize 18
    (MasterPass Token)
    (MasterPass Token)
    Auth Response
    31 Auth Response CC DB
    After selecting booking Redirects 32

    MASTER CARD
    options guest tries to pay DDS1/ PLUTO UI Back ONPaie Backend BACKEND
    for the reservation GetSessionToken
    10

    20 Translate Master card auth Token to Card Details


    6

    Guest selects master pass as payment method MASTER Pass


    Login Page

    14 OnPaie Page redirects to Masterpass login Page with Session Token

    16 Masterpass returns the authToken back to Onpaie Page

    15 Guest logs in to masterpass account and selects a card

    ONLINE GUEST ALTERNATIVE PAYMENT


    THROUGH MASTERPASS
    (CARD RESOLUTION FROM MASTERPASS)
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor
    ADYEN UI

    13 Fraud Check

    If the fraud check is Red or Yellow the purchase will be declined


    Audit Message SOAP/ HTTPS/TLS 1.2
    Queue
    FRAUD AGENT
    APP Payment UI
    Customer reps 8
    Retrieve Session
    10
    enter the guest card
    details 11 Authorize Card
    20
    Authorization Response 15 Tokenize card

    SOAP/ HTTPS/TLS 1.2


    7
    21 Redirect
    to confirmation Page
    TOKEN VAULT
    Redirects TBX APP Core (MORIA) BANK
    (DLP Installation) REST/JSON/TLS 1.2
    2 Establish Session ON2
    3 Establish Session Authorize
    17 Authorize Card 18
    Card
    1
    6 Session Token 5
    Session Token
    Retrieve Session (for auth Details) Retrieve Session (Post Payment, if not found in Acknowledge
    Customer representative 22 24 29 Acknowledge Payment
    Backoffice Database)
    enters the reservation Acknowledge Payment
    Agents details and presses Pay
    27 30

    button SOAP/ HTTPS/TLS 1.2 ON2 Service


    TBX DLP UI

    Generate OAuth Persist Details and Creates Checkout Session 4

    Token Persist
    Retrieve Session 9
    Acknowledgement 31

    Request Event Insert 12

    26

    Fraud Result Insert 14


    Post payment in
    23 Travelbox
    Database Card token and transaction insert 16

    Search for
    auth records
    Insert authorization Details 19

    Get Session Details with Authorization Details 25

    Active Sync
    TBX DB Insert Payment Acknowledgement 28
    (DLP Installation)

    CC DB
    APP DB Inquiry DB

    CUSTOMER REPRESENTATIVE PAYMENT


    THROUGH APP UI
    20 Authorization Notification
    APP TBX
    Notification Service Impl
    REST/JSON/TLS 1.2
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    15 Fraud Check

    If the fraud check is Red or Yellow the purchase will be declined


    Audit Message SOAP/ HTTPS/TLS 1.2
    Queue
    FRAUD AGENT
    APP Payment UI
    Customer reps 8 Retrieve Session
    enter the guest card
    11
    details 12 Authorize Card
    23 Authorization Response (Manual Auth Request) 17 Tokenize card

    SOAP/ HTTPS/TLS 1.2


    Redirects 7
    24 Redirect
    to error Page
    TOKEN VAULT
    JSON/ REST/TLS 1.2 APP Core (MORIA) BANK
    SOAP/ HTTPS/TLS 1.2
    2 Establish Session ON2
    3 Establish Session 19 Authorize Card
    Authorize
    20
    1
    6 Session Token 5 Session Token 21
    Authorization Request comes back with Card
    Retrieve Session (for auth Details) 26 Retrieve Session (Post Payment) “Call Authorizer” error
    25
    44
    Backoffice Customer 39 Update manual Auth code
    Agents 42
    Acknowledge Payment Acknowledge
    representative enters Acknowledge Payment
    43 Payment
    the reservation details TBX DLP UI TBX
    and presses Pay (DLP Installation)
    button ON2 Service
    Generate OAuth Persist Details and Creates Checkout Session 4

    Token

    JSON/ REST/TLS 1.2


    Retrieve Session 10

    Persist Acknowledge45
    Request Event Insert 14

    CUSTOMER REPRESENTATIVE PAYMENT


    THROUGH APP UI Fraud Result Insert 16

    Mark Payment as “Pending manual


    MANUAL AUTH Authorization”
    28
    Card token and transaction insert 18
    37
    Update Manual Authorization

    Insert the authorization status as 22

    TBX DB “Pending Manual Auth”


    (DLP Installation)
    Get Session Details with Authorization Details 27 CC DB
    Active Sync
    Insert the manual auth record in database and link
    Modify the pending payment as 38
    41 the original authorization record
    Authorized
    Insert acknowledge Payment 43

    APP DB Inquiry DB
    APP TBX 40 Notify Manual Auth
    Notification Service Impl 33
    JSON/ REST/TLS 1.2
    Database search for manual
    Admin User logs in to the APP APP Admin Portal auth records
    admin portal and searches for
    30
    32
    Get all “Pending Manual Auth” for TBX DLP
    manual auth records by date range
    and merchant ID
    36 Update Manual Auth records
    35
    Admin User enters auth code on the
    transaction record and submits JSON/ REST/TLS 1.2

    APP ADMIN
    31 Authentication and Authorization SERVICE

    34 Admin user calls bank to get manual authorization


    MY ID
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    32 Fraud Check

    If the fraud check is Red or Yellow the purchase will be declined


    11
    Audit Message SOAP/HTTPS/TLS V1.2
    Payment UI opens in APP Payment UI Queue
    validation Mode FRAUD AGENT
    8 Retrieve Session REST/JSON/TLS 1.2
    12
    13 Validate & Tokenize Card

    Customer representative Card validation Response (Token)


    16
    Tokenize card
    22
    TOKEN VAULT
    enters card number and
    (MORIA)
    presses validate button SOAP/HTTPS/TLS V1.2
    7
    23 Redirect
    to confirmation Page
    Redirects TBX Detokenize BANK
    (DLP Installation) REST/JSON/TLS 1.2 APP Core
    Establish Session (Validation ON2
    2
    Mode) 18 $0 authorization 19 $0 Auth
    3 Establish Session (Validation Mode)
    1
    Session Token Authorize (Token, amount, transaction Ref Authorize
    6 Session Token 5 34 35
    ID)
    Retrieve Session (for token and 26 Retrieve Session (Post Payment, if not found in
    24 41 Acknowledge 42 Acknowledge
    Backoffice amount) Database)
    39
    Agents Acknowledge Payment
    SOAP/HTTPS/TLS V1.2
    TBX DLP UI ON2 Service
    Generate OAuth
    Customer representative enters Token Persist Details and Creates Validation Session 4
    the reservation details and
    presses schedule future payment Retrieve Session 10
    button
    43
    Request Event Insert 15

    28 Persist Acknowledgement
    Card token and transaction insert 17
    Post Token and
    25
    amount in
    Insert $0 auth Details with APP RRN and 20
    Travelbox
    Search for auth Processor transaction ID
    Database
    records Get Session Details with token Details 27

    Request Event Insert and fetch earlier 31

    TBX DB processor reference ID


    Active Sync
    (DLP Installation)
    Tokenizing and validating Card Fraud result insert 33

    Authorize Response and processor reference


    from Future Payments through TBX UI ID insert
    36
    CC DB

    Payment acknowledgement insert 40 APP DB Inquiry DB

    38
    Insert authorization details
    in TBX DB
    Fetch all future payment transactions and REST/JSON/TLS 1.2

    REST/JSON/TLS 1.2
    29
    associated amount sand tokens Authorization Notification
    21
    (Token, Card Type, last 4, Processor Auth
    Code, APP transaction ID, APP RRN)
    37 Authorization Notification
    APP TBX
    Notification Service Impl

    30
    Authorize (Token, amount, APP RRN/
    APP Transaction ID)
    38
    Authorization Response

    TBX future PaymentBatch


    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    Audit Message
    Queue

    CC DB

    Detokenize 16

    UC4 triggers the


    Customer representative Displays the Reservation nightly refund
    searches for an existing TBX DLP Backend batch APP Core BANK
    Reservation Credit Card Payment Refund
    5
    Get Reservations
    13 Refund Transaction (APP 15 Refund Request (Credit card Refund 18
    1 2
    Transaction ID/ APP RRN) payment) real time with Token 17

    4 Reservation Details
    6
    REST/JSON/TLS 1.2
    Refund details SOAP/XML/TLS 1.2
    Backoffice 7
    Customer representative TBX DLP Refund
    Agents Cancel Refund On2
    selects the reservation 10 Batch On2 

    and does adjustments web service
    Search Transactions Persist Refund Request
    TBX DLP UI by criteria 3 12 14
    in Database
    APP external
    Refund record is saved in TBX Persist Refund Response Refund Batch
    Search for All Refund Transactions
    9 database in pending status
    8
    in Database 19 8 17
    Send a file with all refund request
    to Adyen
    cancel refund records in TBX 11
    Perform Refund
    Customer representative cancels the refund File Transfer or Web Service Call
    database
    locally in case the guest cancels the refund

    16
    Fetch all refund request
    to Adyen
    Admin user logs in to TBX and
    excludes the booking from auto
    1
    refund

    REST/JSON/TLS 1.2
    Active Sync 18

    Refund Payment from travel box


    APP Payment DB APP Inquiry DB Adyen/PSP

    REST/JSON/TLS 1.2 Database search for the


    Admin User logs in to the APP transaction records by
    APP Admin Portal
    admin portal and searches for reservation id
    2
    4
    Get transaction for TBX DLP by reservation ID
    specific transaction by TBX booking
    ID
    7 Refund (encrypted card details, amount, released reservation ID etc)
    6

    Admin User enters a different card


    number to initiate refund on a
    APP ADMIN
    different card and enters amount
    Authentication and Authorization SERVICE
    to be refunded 3

    MY ID
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    Display confirmation SBC Backend Service EAI


    Call center agent 26 Create Reservation (ESB)
    creates a reservation on SBC UI 2 Create Reservation
    3

    1
    5 Reservation Number
    6 Reservation Number
    7
    agent gets the card number from Authorize 9 Authorize
    8
    guest, enters the same in SBC Authorization
    Authorization
    screen and clicks Pay SBC UI
    23 Response
    24
    Response
    Call center User

    10 Authorize

    18 Authorize Response
    SOAP/HTTPS/TLS V1.2

    TBX 12 Fraud Check


    (DLP Installation) 4 Create Reservation
    Fraud Check turns Green for the given card

    25
    Retrieve Booking FRAUD AGENT
    Details 18 Post Payment

    SOAP/HTTPS/TLS V1.2

    13 Tokenize card

    19
    Acknowledge TOKEN VAULT
    Payment (MORIA)
    SOAP/HTTPS/TLS V1.2 On2 BANK
    15 Authorize Card
    14 Authorize Card
    TBX DB 16
    (DLP Installation) 22 Acknowledgement
    REST/JSON/TLS V1.2

    21 Acknowledgement Payment

    Insert Auth Event 11


    On2 Web Service
    Credit card payment through SBC Insert Fraud Result 12

    Request Token and payment transaction email 13 23

    Insert Authorization 17
    Insert Acknowledgement Payment

    Insert Acknowledgement 20

    APP DB

    CC DB
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    Display confirmation SBC Backend Service EAI


    Call center agent 26 Create Reservation (ESB)
    creates a reservation on SBC UI 2 Create Reservation
    3

    1
    Reservation Number 5 Reservation Number
    6
    7
    Validate Card 9 Validate Card
    8

    agent gets the card number from Validation


    23 Validation Response
    guest, enters the same in SBC SBC UI
    22
    Response
    Call center User
    screen and clicks schedule future
    payment

    25 10 Validate Card

    18 Validate Card Response


    Callcenter agent
    changes the amount
    or the future payment TBX
    date in TBX DLP if 29 Fraud Check
    (DLP Installation) 4 Create Reservation
    needed
    Fraud Check turns Green for the given card

    24
    Retrieve Booking SOAP/HTTPS/TLS V1.2 FRAUD AGENT
    Details 19 Post Future Payment (Token,

    REST/JSON/TLS V1.2
    amount, APP RRN, APP
    Transaction ID, Issuer Auth Code,
    Card type)

    12 Tokenize card

    SOAP/HTTPS/TLS V1.2
    TBX DB
    (DLP Installation)
    20
    Acknowledge TOKEN VAULT
    Payment schedule (MORIA)
    On2 BANK
    Retrieve all payments
    15 $0 Auth
    REST/JSON/TLS V1.2 14 $0 Auth
    scheduled for the day 26 16
    $0 Auth
    31 Authorize Authorize
    Credit card payment through SBC 27
    Authorize (Token, amount,
    APP RRN) 35
    Auth Response
    32
    33
    Authorize
    Auth Response
    Future Payment 36 Auth Response 34

    Acknowledgement Payment
    Acknowledgement Payment
    (If the future payment card was not used for Acknowledgement
    39 40
    37

    deposit Payment) TBX Future Insert Validate Card Event 11


    SOAP/HTTPS/TLS V1.2 On2 Web Service
    Payment Batch
    Request Token and payment transaction email 13
    41

    Insert Card Validation Response Insert


    17
    (Bank reference ID, APP RRN, Card Token) Acknowledgeme
    nt Payment
    Insert Acknowledgement of future payment scheduling 21

    Insert Auth Event 28

    30
    Insert Fraud Result

    Insert Acknowledgement 38

    APP DB

    CC DB
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    Display confirmation SBC Backend Service EAI


    Call center agent 26 Create Reservation (ESB)
    creates a reservation on SBC UI 2 Create Reservation
    3

    1
    5 Reservation Number
    6 Reservation Number
    7
    agent gets the card number from Authorize 9 Authorize
    8
    guest, enters the same in SBC Authorization
    Authorization
    screen and clicks Pay SBC UI
    23 Response
    24
    Response
    Call center User

    10 Authorize

    21 Authorize Response
    (Pending Manual Auth)

    TBX 12 Fraud Check


    (DLP Installation) 4 Create Reservation
    Fraud Check turns Green for the given card

    25
    Retrieve Booking SOAP/HTTPS/TLS V1.2 FRAUD AGENT
    Details Post Payment as

    REST/JSON/TLS V1.2
    22
    Pending Payment

    14 Tokenize card

    Acknowledge Pending
    23
    SOAP/HTTPS/TLS V1.2
    Payment
    Acknowledge TOKEN VAULT
    TBX DB
    34
    Payment (MORIA)
    (DLP Installation) On2 BANK
    SOAP/HTTPS/TLS V1.2
    REST/JSON/TLS V1.2 16 Authorize Card
    Change payment status 33 17 Authorize Card 18
    19 Authorize Response with “Call
    32 Notify Manual Auth authorizer” error 37 Acknowledgement
    APP TBX
    Notification Service Impl Insert Auth Event 11
    36 Acknowledgement Payment

    Insert Fraud Result 13

    Credit card payment through SBC Request Token and payment transaction details 15
    Update Manual
    On2 Web Service

    MANUAL AUTH Change transaction status as “Pending Manual Auth” 20


    31
    Authorization
    38

    Insert Acknowledgement 24
    Insert
    Acknowledgement
    Insert Manual Auth ack 35 Active Sync Payment
    Inquiry DB
    APP DB
    Admin User logs in to the APP APP Admin Portal
    admin portal and searches for
    25
    26
    Get all “Pending Manual Auth” for TBX DLP
    manual auth records by date range
    and merchant ID
    30 Update Manual Auth records
    29 27
    Admin User enters auth code on the
    transaction record and submits Database search for manual
    auth records

    31 Authentication and Authorization


    CC DB
    28 Admin user calls bank to get manual authorization
    MY ID
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    JSON/REST/TLS V1.2 APP Core SOAP/HTTPS/TLS V1.2


    TBX
    (DLP Installation) TBX calls APP acknowledging Payment
    ON2 Web Service On2
    posting
    3
    APP Calls On2 web service notifying 4 acknowledge
    1
    acknowledgement receipt (ASYNC)

    3
    APP sends instant reply confirming the
    acknowledgement receipt acknowledge
    acknowledge 6
    7 ment receipt
    ment receipt
    APP inserts acknowledgement flag against response
    2 response 5
    the transaction
    persists the acknowledgement
    APP insert s acknowledgement receipt 8
    record

    TBX Database APP Payment DB APP Inquiry DB CC DB


    (DLP Installation)

    Successful Cases
    Failure Cases TBX JSON/REST/TLS V1.2 APP Core SOAP/HTTPS/TLS V1.2
    (DLP Installation) ON2 Web Service On2
    TBX calls APP acknowledging Payment
    posting
    3
    APP Calls On2 web service notifying 4 acknowledge
    1
    acknowledgement receipt (ASYNC)
    7 acknowledge 6
    Receipt response
    ment receipt
    connections
    9 acknowledge
    APP acknowledgement
    retry batch time out 11
    Receipt response
    APP inserts acknowledgement flag against 5
    Check for the acknowledgement &
    2
    the transaction 8 persists the acknowledgement
    APP retry notifying acknowledgement receipt
    Retrieves the 8 10

    abandoned 12 acknowledgement receipt


    notifications response Finds the acknowledgement &
    do not persists the acknowledgement

    13

    APP insert s
    acknowledgem
    TBX Database ent receipt App will retry Posting the CC DB
    (DLP Installation) record acknowledgement three times
    APP Inquiry DB • after 15 minutes of first
    failure
    7 • after 30 minutes of 2nd
    failure
    TBX ACKNOWLEDGMENT HANDLING • after 1 hour of third failure

    APP Payment DB
    UC4 triggers the
    nightly refund
    batch
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    Adyen sends the clearing


    Adyen
    1 file to bank

    Bank sends the payment file to


    2 Adyen

    Adyen sends the


    3 payment confirmation file
    to On2
    APP Third Party
    Settlement Data SFTP
    Importer
    On2
    APP settlement data
    6 exporter pulls the data 2

    SFTP directory

    ON2 creates clearing file


    and sends the same to
    BANK
    the bank and gets
    payment file from BANK
    ON2 updates CCDB 3 4
    with the clearing
    transaction Data

    updated in CCDB
    Adyen payment confirmation is
    1 ON2 fetches all the 4

    transaction records that has


    7 Transactions are updated been acknowledged by APP
    with settled status (Sent Bank sends a payment
    for settlement or File to On2 CCDB
    settled)

    ON2 Data
    Integration
    Service
    5
    Inquiry DB CC DB
    APP DB

    7 On2 integration layer


    File Movement gets all cleared and
    Settlement Process directory 6
    settled transactions
    from CCDB
    Two file, namely the Integration Service
    clearing file (only CC) transforms the
    and the payment File Payment and clearing
    (Both CC and Adyen) is file as per APP need
    uploaded to a secured
    FTP server location
    Integration Layer
    User Presentation Layer Client Service Layer Middleware Integration Services (Switches) Processor

    Nightly Transaction SFTP


    Data Export APP Transaction
    data Movement
    APP Transactional
    directory
    Data Exporter Transaction Data File (CSV) BANK
    containing:
    Inquiry Database a) Declined, Records
    b) Technical Failures
    c) Successful authorizations
    On2 integration layer
    SFTP downloads the
    transaction file
    through SFTP

    ON2 Integration

    Active Sync
    Layer On2 integration layer
    Sends APP transaction
    Updated BIN Ranges will be records to CCDB
    uploaded to APP download
    Folder BANK Sends Payment
    APP BIN File File (Daily) and Bin
    Importer Range Update File
    monthly
    APP Database
    On2 integration layer Exports the
    ON2 sends the

    SFTP
    APP Uploads new Bin File BIN Range Update Data, clearing
    acknowledged
    DATA EXCHANGE ACROSS APP AND ON2 BIN Range definitions Movement
    directory
    records and payment records CC DB
    transactions for
    clearing to bank every
    APP External night
    Settlement Data Clearing records and payment
    Importer records will be uploaded to the
    SFTP APP transaction download
    directory
    APP changed transaction status
    Accordingly Clearing And
    settlement File
    Movement
    Directory
    Thank You !

    Confidential Document of TWDC Do Not Distribute

    You might also like